October Patch Bulletin

October Patch Bulletin

This month there are 61 unique CVE’s, 10 critical and 1 being exploited. Out of these we pay close attention to CVE-2019-1367 .

CVE-2019-1367 | Scripting Engine Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.

The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.

For additional details, please find the information from Microsoft below:

 

Technology Products Affected SeverityReferenceWorkaround/Exploited/ Publicly Disclosed Vulnerability Info
Windows Windows 7, 8.1, 8.1 RT, 10
Server 2008/2008 R2
Sever 2012, 2012 R2
Server 2016
Server 2019
System Center
Windows 10 Mobile
Windows Defender
Critical CVE-2019-1060
CVE-2019-1166
CVE-2019-1230
CVE-2019-1255
CVE-2019-1311
CVE-2019-1314
CVE-2019-1315
CVE-2019-1316
CVE-2019-1317
CVE-2019-1318
CVE-2019-1319
CVE-2019-1320
CVE-2019-1321
CVE-2019-1322
CVE-2019-1323
CVE-2019-1325
CVE-2019-1326
CVE-2019-1333
CVE-2019-1335
CVE-2019-1336
CVE-2019-1337
CVE-2019-1338
CVE-2019-1339
CVE-2019-1340
CVE-2019-1341
CVE-2019-1342
CVE-2019-1343
CVE-2019-1344
CVE-2019-1346
CVE-2019-1358
CVE-2019-1359
CVE-2019-1360
CVE-2019-1361
CVE-2019-1362
CVE-2019-1363
CVE-2019-1364
CVE-2019-1365
CVE-2019-1368
Workaround: No
Exploited: No
Public: No
Denial of Service
Elevation of Privilege
Information Disclosure
Remote Code Execution
Security Feature Bypass
Spoofing
Tampering
EdgeAllCriticalCVE-2019-0608
CVE-2019-1307
CVE-2019-1308
CVE-2019-1335
CVE-2019-1356
CVE-2019-1357
CVE-2019-1367
CVE-2019-1371
Workaround: No
Exploited: No
Public: No
Information Disclosure
Remote Code Execution
Spoofing
Internet ExplorerIE 9,10,11 CriticalCVE-2019-1133
CVE-2019-1192
CVE-2019-1193
CVE-2019-1194
Workaround: No
Exploited: Yes
Public: No
Remote Code Execution
Spoofing
Office, Office Services, Office Web AppsOffice 365 ProPlus
SharePoint 2010, 2013, 2016, 2019
Office 2010, 2013, 2016, 2019, Online Server
Excel 2010, 2013, 2016, Excel Services
2016 for Mac, 2019 for Mac
ImportantCVE-2019-1070
CVE-2019-1327
CVE-2019-1328
CVE-2019-1329
CVE-2019-1330
CVE-2019-1331
Workaround: No
Exploited: No
Public: No
Elevation of Privilege
Remote Code Execution
Spoofing
AzureAzure App Service on Azure StackCriticalCVE-2019-1372Workaround: No
Exploited: No
Public: No
Remote Code Execution
ChakraCoreChakraCoreCriticalCVE-2019-1307
CVE-2019-1308
CVE-2019-1335
CVE-2019-1366
Workaround: No
Exploited: No
Public: No
Remote Code Execution
Open Enclave SDKOpen Enclave SDKImportantCVE-2019-1369Workaround: No
Exploited: No
Public: No
Information Disclosure
SQL Server Management Studio18.3, 18.3.1ImportantCVE-2019-1313
CVE-2019-1376
Workaround: No
Exploited: No
Public: No
Information Disclosure
Dynamics 365 On-Prem9.0ImportantCVE-2019-1375Workaround: No
Exploited: No
Public: No
Spoofing

In case of any questions or clarifications please feel free to reach out to ECHO’s Service Desk.